Time to finally break away from the Wiegand format?

August 2015 IT infrastructure, News

The Wiegand interface, which rose to popularity in the 1980s, has long been accepted by the access control industry as the de facto wiring standard for interfacing between access controllers and various card or biometric readers.

As usual, the longer a technology is around, the more methods of exploiting its flaws will be found. Wiegand devices by their very nature tend to be unsupervised devices which can mean that they are the perfect attack targets for entry into secure areas – be it parliamentary buildings, airports, schools or other highly sensitive points.

The devices that are used for identifying the person attempting to attain access vary from extremely advanced (and expensive) retina, fingerprint or facial scanners through to proximity cards wielding the latest in secure storage and encrypted communication protocols. This information is then sent across insecure wires to a controller that also communicates using the latest in security.

Micro sensors that are put in place to ensure that the devices are not tampered with are ironically often disabled to make for easier servicing, do not have any method of feeding the alarm state back to a security centre, or only disable the device itself when active.

A Google search for the term ‘Hacking Wiegand Protocol’ will reveal many attacks that can be used against access control systems that employ this wiring system, including man-in-the-middle attacks whereby the CEO’s access control identification can be captured and replayed at a later point – this using a bottom-of-the-line and cheapest microcontroller with some fairly simple firmware.

There are various other issues that present themselves; including wiring length, number of wiring cores required to service the full interface, lack of encryption, overlap of card numbers and mostly unidirectional capabilities.

The access controllers or devices that use this wiring standard are not to blame for the on-going use and proliferation of this protocol as it has been used in the industry for so long that it has become ‘part of the furniture’ and accepted as the most common method for interconnectivity.

Tackling all of these challenges and allowing different devices and systems to communicate with each other seamlessly is a fairly complex task which has been taken on by the Security Industry Association (SIA). The protocol that has emerged is called OSDP (Open Supervised Device Protocol).

OSDP has been developed to communicate over two data lines and one earth line which makes it the perfect fit for RS-485 multi-drop communications, however it can also be extended to communicate over TCP/IP. Encryption has been built into the protocol, along with checksums for ensuring data integrity and monitoring capabilities to be able to tell when a device is damaged, offline or being tampered with.

Barend Keyser, Saflec.
Barend Keyser, Saflec.

As the access control industry starts to implement this protocol and the standard becomes more accepted there will be more and more devices that support OSDP and less that will implement Wiegand.

As a company, Saflec Systems has decided to start the migration process and has partnered with a number of companies, including Virdi (a popular biometrics provider) and HID to ensure that its solution is on the forefront of this OSDP revolution.

The new SDC-6xx controller range will support the OSDP protocol, and the new display reader soon to be released will also incorporate the protocol.

As the popular idiom goes – “a chain is only as strong as its weakest link”. It’s time to stop relying on this particular link.

For more information contact Saflec Systems, +27 (0)11 477 4760, info@safsys.co.za, www.safsys.co.za



Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Video surveillance multicast networks made easy
Issue 1 2020, Duxbury Networking , IT infrastructure
Many businesses are struggling to realise the full potential of modern video surveillance technology due to limitations of the underlying network.

Read more...
Three data protection predictions for 2020
Issue 1 2020 , IT infrastructure
Byron Horn-Botha from Arcserve Southern Africa relates the company’s top three data predictions to be on the alert for in 2020.

Read more...
An open foundation for 2020
Issue 1 2020 , IT infrastructure
The migration to open hybrid cloud technologies will be the way to go as we head into the new decade.

Read more...
Will 5G be the answer to all prayers?
Issue 1 2020 , IT infrastructure
There is a lot of understandable confusion about the role Wi-Fi will play once 5G arrives, and how they might work together.

Read more...
So what is 5G?
Issue 1 2020 , IT infrastructure
With all the noise about 5G, Hi-Tech Security Solutions asked Deon Geyser, head of the Southern Africa sub region at Nokia for some insights.

Read more...
Duxbury Networking launches Solar Switch
November 2019 , IT infrastructure, Products
Duxbury Networking has launched its Solar Switch with tailored capabilities for applications in less-accessible areas where electricity is not available or not reliable.

Read more...
8-port PoE managed switch
November 2019, Regal Distributors SA , IT infrastructure
The NW101-7 is an 8-port PoE managed gigabit network switch capable of supporting 4K high-definition video transmission.

Read more...
4-ports industrial PoE managed switch
November 2019, Regal Distributors SA , IT infrastructure
The NW100-3 is a 4-port industrial full gigabit PoE wall-mount gigabit managed network switch with 1 x 60 W and 3 x 30 W PoE ports capable of supporting 4K high-definition video transmission.

Read more...
Mobile shredding plant simplifies secure data destruction
November 2019 , IT infrastructure
Companies no longer need to take unnecessary risks when disposing of their IT assets, they can now destroy digital data before it leaves their premises.

Read more...
Lightest notebook with 10th-gen processors
November 2019 , IT infrastructure
Dynabook Europe has announced the Portégé X30L-G, the lightest 13,3-inch business laptop with Intel 10th generation processors.

Read more...